CIOs: 10 Steps to Mobile Work Force Control

Security for mobile devices a must.

The world has gone mad for mobility, and the public sector is no exception. Benefits include: increased access to information, less need for fieldworkers to travel to the office and even less need for office space. With all the pros, one wonders why IT departments aren't jumping for joy.

But CIOs face many challenges as the work force becomes mobile, like providing reliable service and access; managing additional devices; securing the devices, access and information; and supporting mobile workers.

I've watched public-sector IT leaders try to stop the growth of mobile devices in their organizations. In addition to seeing mobility as a barrier to progress, they're disappointed when it happens anyway. The outcome of this resistance is often harder to manage than leading the organization's mobility efforts. When the organization doesn't provide mobility tools many employees use their personal devices for work.

Although the upside of discouraging mobility might be an insignificant amount of cost savings and the ability for IT to say, "We don't support your personal device," there are many risks that pose serious threats.

Information stored on personal devices is most likely not backed up and stored securely, and may lack updated software that prevents malware, viruses and Trojan horses. Security software probably isn't installed, secure configurations likely aren't in place and standard security practices probably aren't followed. The ability to push out upgrades and current versions of malware prevention and security software, as well as kill destructive programs or stolen devices aren't available. The ability to respond appropriately to Freedom of Information Act requests is compromised when government data is stored on personal devices. Last, personal devices go home with employees for good when they quit or retire.

Even employees who are denied mobility tools and don't use their own devices often circumvent IT protocols to bring mobile devices to work. Eventually these rogue mobile applications will require access to the organization's systems and data. The result is a highly diverse and complex environment that's difficult and costly to support and sustain.

Understanding that resistance is futile, I offer 10 steps to gain control of mobility in your organization:

Check your attitude. Enthusiasm is optimal; acceptance will do. Government is mobile by the very nature of its services. Mobility isn't a luxury or fad. It's a necessity.

Get ahead of it. Discover your customers' mobility needs. Be seen as the go-to source, so IT determines the path forward.

Become the expert. Ensure that you and your workers are educated and gain experience using mobile devices. It's harder to support what you don't use.

Learn from others. Many organizations are successfully deploying mobile technology, or are at least learning from their mistakes and sharing their knowledge with others. Build on your peers' progress.

Seek assistance. Realize that IT doesn't have to do it all or come up with all the solutions. Work with the vendor community; it might be easier than you think.

Make it a program. Address security, management and privacy issues with a comprehensive approach that includes technology, policies, standards and education.

Let IT governance address management issues. IT shouldn't determine who gets what mobile device, which functions they get first, how fast they are rolled out, etc. IT governance is the appropriate vehicle for setting policies and adopting standards.

Try it out. Use pilot programs to introduce mobility and test new policies, practices and systems. Pick a definitive time period, and document and share results.

Change your service model. When IT departments embrace mobility for their own use, they become more productive and can better support it. Using mobile technology can help expand IT's service reach and hours of operation to meet mobile work force demands.

Liza Lowery Massey
Liza Lowery Massey served as a public-sector IT executive for nearly 20 years, including as CIO of Los Angeles. She then established the CIO Collaborative to provide public-sector research, benchmarking and consulting services. She also teaches at the University of Nevada, Las Vegas